Cyberwarfare
Cyberwarfare, sometimes referred to as "cyberwar" and "cyber warfare", is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own. Such actions are designed to achieve advantages over military or business adversaries.Cyberlaw Edition of The UNSC Navy Law Review: 2199, Volume II, Local Copy History Conception Current development The 22nd century saw a massive revolution in the development and integration of cyberspace in citizens' everyday lives. With massive networks of billions of computers and neural implants, the population now shares a common information database. The size of the internet's shareable knowledge increased exponentially, squaring in size every five years until finally, at the beginning of the this decade, the total bytes of knowledge on the global net, written on paper, would fill up the solar system. With no centralized hub, the net found itself powered by the brains of the cyberised users accessing it every day. Information stopped being relayed over wire, replaced with satellite and cellular towers. There was no place on earth where the net did not exist. If one person with a neural implant lived there, the net would expand to meet it. Everything anyone has ever conceived about the net has passed, replaced with new ideals the previous generation hadn’t even conceived. Implants of powerful computers provide vastly increased memory capacity, total recall, as well as the ability to view his or her own memories on an external viewing device. Users can also initiate a wirless conversation with other neural implants users, utilising avatars life-like, though the downsides being neural implants hacking, malicious memory alteration, and the deliberate distortion of subjective reality and experience. Many third part neural implant components are highly susceptible to these threats, thought higher grade and military issue ones are protected by complex defensive barriers, preventing easy access. Future developments Doctrine Offensive Offensive doctrines can generally be divided into several areas, Entry Protocols, Net Diving and Network Breaching. Each one has its limitations and abilities, so knowing when to make use of these different tactics is the key to victory in electronic warfare for a cyber operator. Illegal Entry Protocols Illegal Entry Protocols is an exploitative technique that circumvents the security systems and grants the aggressor remote control of a system by way of accessing the system's backdoor.Backdoors are command utilities established to prevent stolen technologies from being used by the exploiter/circumventor. While simple to understand on paper, the application of Entry Protocols proved difficult and often unsuccessful in most attempts. (PIE), are often used to engage vulnerable operating systems. The amount of systems the aggressor would have remote control of is largely be dependent on how many successful backdoors cracked; not all systems have backdoors while a few others are inoperable from remote operation without a thorough system search. Typical remedies in such event would be a system switch to compensate the vulnerable system, preventing the aggressor from accessing the network from a single PIE attack. However, the introduction of third generation A.I.s in the fields of cyberwarfare made these remedial methods redundant. The UNSC and CAA, from 2450 onwards, had their entire operating system infrastructure standardized, making the system vulnerable to aggressive cyber attacks. After the case, another hack event involving a destroyer took place, whereby the warship was hacked via PIE intrusion and forcefully shut down, forcing the crew to scuttle the ship and abandon it. The UNSC was aware of the growing dangers and vulnerabilities of ships' systems; following the investigation of Persephone, the UNSC began implementing a number of countermeasures, such as new-generation attack and maze barriers. With the employment of third generation A.Is, the UNSC was able to bolster the entire operating infrastructure's defences and reduce the number of hack cases. These Entry Protocols developments were also applied against the Insurrectionists and other anti-government forces, though efforts made were mostly unsuccessful and unsatisfactory. This is partly due to the use of homegrown collections of software and hardware, of which create intricate and illegible networks. The applications of Illegal Entry Protocols on Covenant systems proved difficult, due to the lack of a properly known form of a backdoor. Nevertheless, PIE were integral in deciphering the Covenant's energy shielding technology. While Illegal Entry Protocols methods were most closely related to military targets, it can be used against both civilian and industrial targets. Against industrial targets, PIE can be used to shut down factories, disable production lines or trigger alarms. In targeting of non-combatant computers or server hardware, PIE can be used to remotely disable and lock out computers, or lock users out of a network. Net Diving Net Diving is perhaps one of the more intrusive methods, allowing the operator to literally observe and then attack elements of enemy's data network, such as the UNSC or Covenant Battle Net. This allowed the user to attempt to breach their network then collect information from inside, or begin an attack on enemy systems linked to this network, most notably communications. While free nets, such as the UNSC extra net are free to access, servers on said net are often difficult to access, dependent on the firmware of the server and defences of the server provider. In military operations, Net Diving can be used to penetrate an enemy information network, using one of three methods. The user can attempt to breach it remotely, hacking an open server, though this is often difficult and requires a brute force attack that rarely leaves the hacker undetected. The other two methods are either manually jacking into a system linked to the network, slipping in unnoticed or piggy backing on an existing signal, though this is difficult. Once breached, the hacker can passively observe, intercepting and downloading information, akin to radio interception, or taking a more active and aggressive role. The hacker can actively hack servers within the net, jamming up communications, accessing sensitive information, disabling linked systems, feeding false information and uploading volatile virus programs, generally causing a mess. Though infected areas can be partitioned, a skilled hacker remains invisible on the net, allowing him to quietly cause havoc with delayed action viruses. Many civilian networks, such as the UEG ExtraNet are free to access, created by the expanse of networked computers and servers. However, on this sea of digital information, there are still solid protections, such as defensive programs around servers and personal computers, requiring either brute force or subterfuge. Once penetrated, these servers or computers can be damaged with viruses, purged, searched for personal information or cause serious damage to industrial or civilian infrastructure and effect online services. Often, once a system is breached, it requires a disconnected form of Network Breaching to then gain further access. Net Diving also opens up to two other insidious forms of hacking. The first is Swarm Attacks. A server or computer linked to the network can be utterly shut down by bombarding it with hundreds upon thousands of user inputs, jamming it up and literally knocking it out. Another method is Island hopping, where by a server is infected by a aggressive viral package on a server and forcibly uploading it to every system that comes into contact with it, enslaving numerous systems , allowing a user to execute Swarm attacks more effectively. Network Breaching Network Breaching is probably one of the most effective means of penetrating a computer system, but carries the most personal danger. While other methods can be done from a distance, protecting the operator from both harm and potential back lash, Network Breaching requires the operator to directly jack into a computer system. This direct access often bypasses many of the hardest defences, but are rarely unprotected. The system can be infiltrated by a remote jack, UGV or any via any hardware connected to a large system, such as a single security system in a larger fibre-optic cable linked network. This allows a hacker to upload viral packages at a much faster rate, as well as download information at a increased speed. System Hack Once one of these entry methods is used, the system is anything but laid bare. The hacker, first of all, has to breach the various barrier programs. Barrier programs take a variety of forms, designed to stop, delay, deceive or outright attack the hacker. The primary way of breaching a Barrier is using an Attack Array. These are software programs designed to find exploits, program weaknesses or routes through the barrier, being utilised by the hacker to find pathways, while deploying viruses to create breaches. More expensive military systems utilise self modulating arrays, adapting thousands of times a second to avoid tracing, detection and deployment of anti-virals. Decoy Arrays are utilise to draw attention away, and probe for weaknesses in barriers. Another method is using a Barrier Breaker program. These are often rare and in most cases, only work against lowest grade barriers. These programs autonomously hack the barrier wide open in short periods. Barrier Software updates often stop Barrier Breakers. however, UNSC operators use high level Barrier Breaker programs, directly controlled by the operator, creating mutable programs that can adapt to new software updates to continue breaching barrier software. However, in an active hack, against a determined defender, Barrier Breakers only work the once, as it will give the defender enough time to adapt to the program and create countermeasures to prevent it being used against another barrier in the network. Once the hacker has penetrated the exterior defences, they then have to navigate the internal structure, infecting or hacking various systems to gain control, while bypassing barriers and defensive systems, aiming to gain control of key functions. Inside, the hacker must attempt to take control of hard and software, then hardening them against counter attack by automated or directed defence, such as anti-virus software, tracing programs and diagnostic program. A skilled hacker is capable of accessing a computer, server, lock system, vehicle computer, even a persons neural interface. The scope of what is capable with a hacked system is only limited by the hackers imagination. Defensive Despite the wide, and sometimes terrifying array of methods for infiltrating and damage and electronic system, just as many ways have been designed to defend against these intrusions. Barriers are one of the most basic forms of defence and most widely spread. Barriers consist of a intricate network designed to bar access to a network or system, designed to stop, confuse or outright attack a hacker. Barriers are a collection of autistic software, partitioned away from the rest of the system to protect it from hack attempts and designed to stop intrusion attempts, but are by no means invulnerable. Defence Barriers consist of a firewall program, designed to analyse and block data packets at data and application levels, enforcing a strict rule set to control the flow of data into a computer. The more intricate Maze Barriers consist of a 'network maze', designed to slow and confuse attempted hacks, cutting off multiple intrusions and forcing hackers to attempt to find a pathway through the maze, using multiple firewalls arranged in both parallel networks and in series. More intricate mazes cost substantially more, and the highest grade ones, often used by military units, feature mutating algorithms to create a constantly shifting maze. Dummy barriers are a proxy system appear on networks as high level firewalls, designed to stall and slow down intrusion attempts. These barriers are connected to 'dead ends' meaning after breaching it, hackers find themselves without any further access into a system. This is often a stalling tactic to develop countermeasures or trace the hacker. Attack Barriers are a highly vicious, and outside of military use are mostly outlawed. These systems appear as normal defence barriers, luring hackers in, before preforming a back hack, intending to (in low level cases) send a virus into their system at a vulnerable moment, when the hacker's defences are at their weakest. Higher level Attack Barriers attempt to back hack the hacker then fry their gear or neural implant, aiming to stun, maim or even kill, depending on the lethality intended. Back Hacks are more subversive methods of defence but more effective in an active defence. when a hacker is attempting to breach or infiltrate a system, his defences are usually at his lowest. His attention is devoted to the hack and his automated defences are often down to allow increased speed in upload and download. At the pinnacle of a hack, providing the defender can pin down and trace the hacker, he can back hack the offensive hacker and turn the tables, maybe even completely exploiting his systems and stopping the hack dead, maybe even compromising his systems, or himself. with his defences down, its possible for his memories to be altered, damaged, or his neural circuitry overloaded, causing severe neural damage, or even death. The final method of defence is to amputate the infected regions through different tactics The first would be to partition vital systems, creating barriers around vital software, increasing the defence of a system individually. Another tactic would be to immediately jump to autistic mode, wherein the system immediately cuts itself off from the network, allowing the operator to cut off a directed attack, though automated viral attacks may continue. The last tactic would be to 'break the circuits, manually or electronically disconnecting the soft and hardware, isolating viruses and halting hackers from accessing the systems. Within computer systems, a number of defensive systems exist, such as infecting apparently important information as viral vectors, to infect hackers who attempt to download it. Once breached, most networks will begin a trace on the hacker, with the longer he's connected to the network, the easier it becomes. Once traced, the hacker can still preform the hack, but his position is compromised. Lastly, all systems have inbuilt, roving diagnostic software that patrols for anomalies and breached systems. These act in autistic mode, making it impossible to remotely hack them, though skilled hackers may use infected software or hardware as a vector to assault the diagnostic software. Viral Systems Viruses, though not necessary to hack a system, are important tools in preforming hacks, as both entry methods and securing systems. Though new viral programs are written everyday, and the classifications are diverse, there are generally seven recognised types, though these have near infinite mutability. Nuke Virus Stop Virus Wyrm Murder Virus Operating System Structures Participants UEG CAA UNSC URF Non-state actors There is considerable evidence that some non-state actors and anti-government forces use cyberspace as another tool to wage their fight against various nations. For example, ’s Freedom Movement utilises the cyberspace to elicit support for its cause. ' Petrograd militia in Russia maintains a website with a range of material and even solicits contributions from abroad. Legality The use of technology designed to destroy or incapacitate an enemy's communications or information infrastructure will fall, during hostilities, under the auspices of the Law of Armed Conflict. The two principles by which any act of aggression must be measured under these laws are necessity and proportionality. An attack must be necessary for a military purpose, and the damage it causes must be worth the advantage that is gained. It is under these rules that global thermonuclear warfare could become obsolete. What military advantage could be proportional to the loss of millions of lives? Thousands of pages have been written on the legality of nuclear war, but current doctrine and literature have little comment on the legal aspects of information or command and control warfare. Some may argue that non-lethal forms of warfare, such as compromise of an enemy computer system, do not constitute the "use of force," and therefore are not subject to the laws of armed conflict. To advance that contention, proponents must instead show that these actions are legal under peacetime international laws, a more difficult task. ONI officials, for example, have reportedly rejected intrusion into other colonial governments' and countries' computers, considering them to be a "fundamental attack." Clearly, international law would consider such acts illegal in peacetime, hence they must be measured against the principles of the laws of warfare. The principle of necessity One basic tenet of international law is that attacks against civilians are prohibited. Attacks against a government's financial, transportation, or communications systems must be shown to have clear military necessity to be legal. Even in the more mundane forms of information warfare, such as destruction of an enemy's command and control capability, law of armed conflict questions may restrict the operational commander. From a purely legal standpoint, intelligence will have to provide evidence that targets like these are being used by the military to be considered as legal targets. Indiscriminate destruction of a nation's communications infrastructure, while possibly good information warfare, will certainly be poor public relations and possibly prove illegal. The principle of proportionality It is in the attacks on information systems that most of the more imaginative forms of information warfare will run into problems. It is reasonably clear to the air campaign planner, who must decide whether to destroy a ball-bearing or a baby milk factory, which might be legal. When the attack will indiscriminately affect huge sectors of the enemy's economy for an unknown amount of military advantage, however, the commander must ask hard questions of its legality. Glossary Notes Sources External Links *[http://www.un.int/kamal/thelawofcyberspace/The%20Law%20of%20Cyber-Space.pdf United Nations: The Law of Cyberspace]